-
Hackers spread CGrabber and Direct-Sys malware through GitHub ZIP files, bypassing security tools to steal passwords, crypto wallets, and user data.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OX Security researchers have uncovered a critical, systemic vulnerability built directly into the architecture of Anthropic’s Model Context Protocol (MCP). As the industry standard for AI agent communication, this foundational flaw exposes systems to Arbitrary Command Execution (RCE). Attackers who exploit this vulnerability can seize complete control of affected MCP implementations, gaining direct access to […]
The post Critical Flowise Flaw Enables Remote Command Execution via MCP Adapters appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Attackers are rapidly exploiting CVE-2026-39987 in the marimo Python notebook platform to deploy a new NKAbuse backdoor variant hosted on Hugging Face Spaces, turning AI/ML developer environments into high‑value infection points. The campaign combines pre-auth RCE, credential theft, lateral movement to PostgreSQL and Redis, and a blockchain-based C2 channel that is difficult to monitor or […]
The post Weaponized CVE-2026-39987 Pushes Blockchain Backdoor Through Hugging Face appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are increasingly turning to telephone-oriented attack delivery (TOAD) to bypass traditional email security, and a new cybercrime platform called ATHR is accelerating this trend with AI-driven automation and integrated phishing capabilities. TOAD attacks rely on a simple but effective tactic: instead of embedding malicious links or attachments, attackers send benign-looking emails containing only a […]
The post Hackers Deploy ATHR for Scalable AI-Driven Vishing and Credential Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE submissions. “CVEs that do not meet those criteria will still be listed in the NVD but will not
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Payouts King is emerging as a technically sophisticated ransomware operation believed to be run by former BlackBasta affiliates, reusing their social‑engineering playbook while introducing hardened obfuscation and encryption routines. The group focuses on high‑value data theft and selective encryption, leveraging strong cryptography and extensive evasion to stay ahead of antivirus and EDR tools. BlackBasta, itself […]
The post Payouts King Emerges: New Ransomware Operation Tied to Ex-BlackBasta Members appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Anthropic has officially launched Claude Opus 4.7, a major upgrade designed to tackle complex software engineering while introducing rigorous new cybersecurity safeguards. Released on April 16, 2026, this model brings enhanced problem-solving capabilities to developers and actively addresses the dual-use risks associated with artificial intelligence. The release ties directly into Anthropic’s recently announced Project Glasswing, […]
The post Anthropic Introduces Claude Opus 4.7 for Advanced Problem-Solving appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are experimenting with new malware designed to sabotage Israeli desalination and water treatment plants using a tool dubbed “ZionSiphon,”. However, the current sample appears to be a faulty or developmental build rather than a fully operational weapon. The code checks IPv4 ranges such as 2.52.0.0–2.55.255.255, 79.176.0.0–79.191.255.255, and 212.150.0.0–212.150.255.255, all of which are geolocated to […]
The post ZionSiphon Malware Hits Israeli Desalination Plants appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has significantly escalated its fight against cybercriminals, deploying its advanced Gemini AI to neutralize malicious advertising campaigns. By leveraging generative AI, the tech giant intercepted more than 99% of these harmful advertisements before they ever reached end users. This milestone marks a major shift in how cybersecurity defenses handle automated threats. Threat actors have […]
The post Google Deploys Gemini AI to Stop Threat Actors, Blocking 8.3 Billion Ads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more than 75,000 cybercriminals. The ongoing effort, dubbed Operation PowerOFF, disrupted access to the DDoS-for-hire services, took down the technical infrastructure supporting them, and obtained access to
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
